Unrated severityNVD Advisory· Published Aug 28, 2023· Updated Oct 3, 2024

Saho ADM100&ADM-100FP - Broken Access Control

CVE-2023-38028

Description

Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system information and operate user's data, but can’t control system or disrupt service.

Affected products

Saho/Adm 100fpv5
Range: Q20100602

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.twcert.org.tw/tw/cp-132-7335-d300a-1.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000